One-time authentication tokens are used to realize two-factor authentication according to which a traditional user authentication method (using “something you know,” such as a password or a personal identification number (PIN)) is augmented with a one-time passcode that is produced by an authentication token (i.e., a secret produced by “something you possess”). These two factors collectively provide a stronger authentication method implemented by having one-time authentication tokens producing passcodes that are provided by users, e.g., via typing, to authenticate themselves to a remote authentication server where the passcode is used only once in combination with a user-specific PIN of longer lifetime.
Existing one-time authentication tokens are employed exclusively in settings that require the authentication of users to a remote server with respect to some high-level application, an authentication step that is performed once, only at the beginning of a possibly long session established by the user and the remote server. However, many applications involve sessions that themselves involve one or more data transactions taking place during a session. In such cases, a user authentication validated at the beginning of a session does not provide full integrity protection for any data transactions occurring during the session. For instance, in an online e-banking application, a user may authenticate himself or herself using a two-factor authentication based on a one-time authentication token once at the log-in time, but during a possibly long session and interaction with the bank server, many critical data transactions may take place.
A need therefore exists for techniques for authenticating such transactions. For example, an attacker can perform a man-in-the-middle attack to initiate a malicious session with the server, or an attacker may get access to an old session where the legitimate user fails to appropriately terminate. In general, as attacks become more and more sophisticated, in many operational settings there is a need to additionally secure and protect the integrity of data transactions that take place during an initially authenticated session between a user and a server.